Field
Aspects of the present invention generally relate to an information processing apparatus including a mandatory access control function and a method for controlling the information processing apparatus.
Description of the Related Art
In a general computer system, an authority of a system administrator is normally required for access to important information in the system. Therefore, only the system administrator may access the important information in the system, and accordingly, the computer system is prevented from being altered by a malicious person.
However, there is a risk that the computer system may be easily altered if the authority of the system administrator is taken over by the malicious person. Therefore, some mechanisms in which access to computer resources, such as a system specifying execution process, files, and devices, is restricted even if a user has the authority of the system administrator have been proposed.
Examples of the mechanisms include mandatory access control (MAC). In the MAC, access to execution processes and files is controlled in accordance with a security policy (hereinafter simply referred to as a “policy”) generated in advance. Japanese Patent Laid-Open No. 2012-18102 discloses a technique of the MAC.
As described above, a policy is generated in advance before the MAC is employed in an information processing apparatus. The policy is normally generated in advance by a person who configures the computer system, for example.
However, in general, a large number of unknown vulnerabilities are included in operation systems and application programs. If an unknown vulnerability is found, unauthorized access utilizing the vulnerability may be performed. Such unauthorized access is not assumed when the policy is generated in advance, and if the policy generated in advance is continuously used, the unauthorized access may be permitted. Therefore, the policy is required to be updated. However, frequent update of the policy in accordance with information on finding of an unknown vulnerability or the like is a large work load for the administrator of the computer system. On the other hand, a case where the policy is automatically updated by a specific application having a user interface may be considered. However, in this case, if the specific application is taken over by the malicious person, unauthorized access may be permitted.